How to deal with your ‘Data Dunkirk’

Lawrence Jones

Tuesday 22 August 2017

This year is fast becoming the year of the data breach, with the war online more aggressive, fierce and expensive than ever before. CIOs are the generals in this conflict, leading their organisations into battle and sometimes needing a hasty retreat. When the time comes, are you ready for your Data Dunkirk?

Businesses are at war with hackers, and the costs are incredible. In its 2016 Cybercrime Report, UK data security firm Cybersecurity Ventures estimates the cost of online crime could top $6 trillion by 2021. High-profile hacks may dominate the headlines, but businesses of all sizes are targets for online crime, with the same report noting half of all attacks are targeted at SMEs.

Solid data protection is essential. The question isn’t if, but when your organisation will experience a data breach. When it happens, you need to be ready.

Immortalised this summer in Christopher Nolan’s solemn blockbuster, the strategic retreat at Dunkirk may seem a strange metaphor for managing a data breach, but there are clear lessons for the CIO about how to manage in a data crisis.

Don’t play catch up in a crisis

In May 1940, under pressure from the German army, Allied troops retreated to the now-famous beaches of Dunkirk. Aided by members of the public and hastily requisitioned boats, thousands of troops made it back from these troubled shores to Britain.

This famous strategic retreat helped the Allies avoid annihilation, allowing them to regroup and refocus, eventually regaining the strength needed to win the war.

The lesson here: is manage your retreat properly, and you come back stronger.

The CEO may get the blame for the failure, but it’s up to the IT experts – expertise in cybersecurity is arguably the most important skill for the modern CIO. This expertise needs to be supported by solid planning, but with 30 per cent of SMEs having no plan in place to deal with a data breach, many businesses are playing catch-up in a crisis.

Strong planning and an organisational culture that can manage and adapt in a crisis are key to bouncing back quickly from a data breach.

Frame the narrative

Winston Churchill described the evacuation of Dunkirk as a “miracle”, citing the calmness of the soldiers, the clarity of their leadership and the bravery of those who made the perilous trip across the channel – in some cases more than once.

His careful choice of words helped frame the event not as a failure, but a victory. It’s how this potentially disastrous event is viewed through the cloudy lens of history.

Acknowledging a problem publicly – including details of who is affected and how – is an essential part of managing a data breach. Speedy action by the Australian Red Cross and a clear plan for action resulted in a commendation from the country’s Data Protection Commissioner. You may be the victim, but take charge of the story and tell it your way.

Avoid a future crisis

When back in the relatively safety of Britain, the experience of Dunkirk shaped the approach of the military General throughout the remainder of the war, with leaders adopting a more conservative approach. The situation defined the strategy.

The data war is in full swing, but it’s moved up a gear with the new European Union Data and Information Systems (NIS) Directive, which will see businesses facing fines of up to 4 per cent of turnover. The terms of conflict have changed, and it’s up to you to respond.

After you’ve experienced a data breach, it’s time to reassess your strategy. The cloud is acknowledged to be a key risk for enterprise, but there are simple ways you can improve your security in the age of the cloud. Understanding and accepting your weaknesses is a difficult but important step in the process of dealing with your own Data Dunkirk and coming back stronger.


Building the next-gen data centre

Where traditional and web-scale apps co-exist